![[H]ardOCP](/images/blank.gif){kind=small}
Firefox users: Beware of Gmail XSS Attack
An exploit for Firefox, reported 10 days ago and as of yet still not patched, is giving attackers access to Google accounts, including gmail.
Firefox users are advised to use NoScript or turn off javacript on unknown webpages and stay logged out of their Google Accounts until a fix is issued.
A 302 redirect error in Google, discovered by bedford.org's Morgan Lowtech aka tx, creates a domain-wide cross-site scripting attack allowing hackers to gain access and modify Google user accounts including e-mails, contact lists and online presence.